In computer networks, the Internet Protocol (IP) is a network-layer protocol that contains addressing information and control information that enables packets to be routed. The IP protocol supports both private addressing, for internal networks not accessible by the public at large, and public addressing schemes for publicly accessible networks. For a public IP address, the information for the IP address is entered into the Internet's global routing tables and can be accessed from any other valid IP address on the Internet. Public IPs are used for servers and network hardware that will be used from or by the Internet.
In contrast, private IP addresses are part of the IP addressing scheme but are not globally recognized and cannot be addressed directly from an external network like the Internet. Private addressing is used in IP protocols for conserving address spaces and also as a form of security. In particular, the use of private addresses allows the private network to use the Internet Protocol without requiring use of a public address that could otherwise be used for a public network. Moreover, each private address can define a scope of validity which can be limited in terms of users and functions.
Internet Protocol version 4 (IPv4), a 32-bit architecture, has committed the address ranges 10.X.X.X, 172.X.X.X and 192.X.X for class A, B and C addressing. Each four-byte address is divided into two portions: a network portion which identifies the network and a host portion which identifies the node. All nodes within a network will have the same network portion, while each node will have a unique host portion. Class A addresses are to be used for networks with a large number of hosts. The first byte is the network portion and the three remaining bytes are the host portion. Class B addresses are to be used in medium to large networks, with the first two bytes making up the network portion and the remaining two the host portion. Class C is for small networks, with the first three bytes making up the network portion and the last byte the host portion. Each network assigned can be further divided into subnetworks (subnets) for efficiency. When a network is divided into subnets, the host address portion of the IP address is divided into two parts. The host address portion specifies both the subnet of the IP network and the node on that subnet, the subnet being identified by bits called the “subnet mask” and the node being identified by the remaining bits. In essence, a subnet mask locally extends the network address portion of an IP address and reduces the host portion. Thus, as the size of the subnet mask increases, the number of hosts decreases and the number of subnets increases.
The next-generation Internet Protocol, IPv6, a 128-bit architecture, has committed address ranges FE80:: for link local addressing and FEC0:: for site local addressing. A link local address is typically defined for each link, while a site local address can be defined as desired by a user, and can encompass multiple networks, subnetworks, company departments, company locations, and/or links. The site local addresses are intended to mimic the behavior of 10.X.X.X address ranges defined in IPv4.
However, a potential problem arises when assigning private addresses when using such protocols. In particular, a router which binds together different networks must deal with possible multiple private addressed regions, or scopes, which are various user-defined regions of validity or permitted access. For example, a given scope may include the router interface to a subnetwork, the link to that subnetwork and the subnetwork itself. An addressing problem can arise during the assignment of addresses at the hierarchical boundaries of such scopes. As an extreme example, a router supporting two administrative domains can be connected to two separate logical networks having the same address range allocated to them.
For instance, a router having IP address 10.1.1.1 for Interface 1 (a link local private address) may be in communication with 10.1.1.2 in the private address region A (a site local private address), while Interface 2 of the router may have IP address 10.1.1.2 which is in communication with address 10.1.1.1 in the private address region B. Thus, Interface 1 has the same address as private region B, and Interface 2 has the same address as private region A. An application residing on the domain router, such as a web server, for example, needs to distinguish between the two redundant addresses for security reasons. In addition, if these two addresses are part of a larger administrative authority which would like to address some of the hosts in each network using a public address, this capability of distinguishing the addresses needs to be supported. These problems are aggravated by the growth of the Internet and the increased use of private addresses.
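The two-interface scenario above can be checked mechanically. The following Python sketch is an added example, not part of the original text: it flags interfaces whose private ranges overlap, lists the addresses that mean different things in different scopes, and identifies a sender by the pair (ingress interface, source address) instead of by address alone. The /24 prefix length, the interface names and the scope names are assumptions; the text gives none of them.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data mirroring the scenario in the text. The /24 prefix
# and the names "if1", "if2", "region-A", "region-B" are assumptions.
INTERFACES = {
    "if1": {"scope": "region-A", "local": "10.1.1.1", "peer": "10.1.1.2", "prefix": 24},
    "if2": {"scope": "region-B", "local": "10.1.1.2", "peer": "10.1.1.1", "prefix": 24},
}


def _network(cfg):
    # strict=False lets a host address plus prefix stand for its network.
    return ipaddress.ip_network(f"{cfg['local']}/{cfg['prefix']}", strict=False)


def overlapping_scopes(interfaces):
    """Return pairs of interfaces whose attached private ranges overlap."""
    names = sorted(interfaces)
    return [
        (a, b)
        for i, a in enumerate(names)
        for b in names[i + 1:]
        if _network(interfaces[a]).overlaps(_network(interfaces[b]))
    ]


def ambiguous_addresses(interfaces):
    """Map each address that appears in more than one scope to its roles."""
    seen = defaultdict(set)
    for name, cfg in interfaces.items():
        seen[cfg["local"]].add((cfg["scope"], name, "router"))
        seen[cfg["peer"]].add((cfg["scope"], name, "peer"))
    return {
        addr: sorted(roles)
        for addr, roles in seen.items()
        if len({scope for scope, _, _ in roles}) > 1
    }


def resolve(interfaces, ingress, src):
    """Identify a sender by (scope of ingress interface, source address)."""
    cfg = interfaces[ingress]
    if ipaddress.ip_address(src) not in _network(cfg):
        raise ValueError(f"{src} is not a valid source on {ingress}")
    return (cfg["scope"], src)


if __name__ == "__main__":
    print(overlapping_scopes(INTERFACES))
    print(ambiguous_addresses(INTERFACES))
    print(resolve(INTERFACES, "if1", "10.1.1.2"), resolve(INTERFACES, "if2", "10.1.1.1"))
```

An access rule on the router that matches on the bare address 10.1.1.2 cannot tell the region A host from the router's own Interface 2; keying the rule on the tuple returned by resolve() removes that ambiguity.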
In IPv6, the addressing architecture mandates that every node supports link local addresses for communication. Thus, any router has to have implicit private addressing support for even basic applications. With the use of automatic address assignments, there remains the possibility of address space collisions among private domains, since there is no way of automatic verification of address conflicts across private domains. Some address differentiation could be done by ensuring that the host identification part of the addresses is uniquely assigned. In practice, however, since there are different ways of generating the host identification part of the address, there is still no guarantee of uniqueness of the addresses. While duplicate address detection capability is available, such mechanisms can guarantee address uniqueness only within a domain or link but not across different interfaces of a router. It is therefore possible that address space conflicts can still occur across different scope domains and at boundaries between scope hierarchies.
In other words, protocols like IPv4 and IPv6, which have fixed address lengths, do not have built-in support for region identification for private addresses or scopes. Accordingly, methods and systems are desired for differentiating addresses at scope domain boundaries.